Microsoft is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.
PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world’s PCs still run Windows XP.
Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 percent of the PC browser market…
Cybersecurity software maker FireEye Inc said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed “Operation Clandestine Fox…”
“It’s a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors,” FireEye spokesman Vitor De Souza said via email…
He declined to elaborate, though he said one way to protect against them would be to switch to another browser.
Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, then do things such as viewing changing, or deleting data, installing malicious programs, or creating accounts that would give hackers full user rights.
Gee, is that all? Is there anything left to steal or compromise?
When Apple introduced the Mini, I took that as the occasion to experiment for the first time with Apple’s operating system OS X. After 22 years in the IBM and Microsoft environments.
Never looked back.
UPDATE: Homeland Insecurity now advises all Americans to stop using Internet Explorer till a Microsoft fix!
Bad architecture by design – never mind the endless driver issues, software glitches and security patches, Microsoft operates like an extortion racket, using planned obsolescence and the deliberate introduction of incompatibilities of new products with existing ones to ensure their corporate profitability. “Love it or leave it”
“Microsoft clarifies workarounds for IE zero day” http://www.zdnet.com/microsoft-clarifies-workarounds-for-ie-zero-day-7000028916/
May 12th, 2104: “As Patch Tuesday looms, Microsoft gives Windows 8.1 users a reprieve” http://www.computerworld.com/s/article/9248284/As_Patch_Tuesday_looms_Microsoft_gives_Windows_8.1_users_a_reprieve and “Windows XP die-hards can slash attack risk by dumping IE : Microsoft’s patch stats support advice to switch to another browser” http://www.computerworld.com/s/article/9248277/Windows_XP_die_hards_can_slash_attack_risk_by_dumping_IE